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DETAILED ACTION 



1. 



Pursuant to USC 131 , claims 1 - 41 are presented for examination: 



2. 



Claims 1 -41 are pending. 



Response to Arguments 



3. Applicant's arguments with respect to claims 1 -41 have been considered but 
are moot in view of the new ground(s) of rejection. 



4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Regarding claims 1 -41 are rejected under 35 U.S.C. 102(e) as being disclosed 
by Srivastava (US 6.684,331 B1). 



Regarding claim 1 , Srivastava discloses a communications method for use in a 
system including comprising a first, second and third nodes, and a first secret, 
said first secret being shared between the first and second nodes to secure 
communications between said first and second nodes, the method comprising: 



Claim Rejections - 35 USC § 102 
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operating the first node to establish a secure communications session with said 
second node using the first shared secret to secure the contents of packets 
communicated from the first node that are directed to the second node as part of 
the secure communications session; operating a third node which is coupled to 
said first and second nodes to maintain in memory a copy of said first shared 
secret; and operating the third node to receive a secure flow of packets from the 
first node that are directed to said second node as part of the secure 
communications session (figure 1 , column 2 lines 27 - 41 and column 9 lines 38 
-49). 

Regarding claim 2 , Srivastava discloses the method of claim 1 , further 
comprising: operating the third node to receive from said second node the first 
shared secret and to store the first shared secret in memory, said received first 
shared secret being encrypted using a second shared secret known to the 
second and third nodes (column 12 lines 24 - 55). 

Regarding claim 3 , Srivastava discloses the method of claim 2, further 
comprising: operating said third node to receive and process packets sent from 
said first node as part of said established communications session, said third 
node sending a message to the first node indicating successful receipt of packets 
by said second node (column 10 lines 7-19). 



Application/Control Number: 10/685,720 Page 4 

Art Unit: 2136 

Regarding claim 4 , Srivastava discloses the method of claim 3, wherein said third 
node uses said first shared secret to secure the message to the first node 
(column 9 lines 38-49). 

Regarding claim 5 , Srivastava discloses the method of claim 5, wherein said third 
node operates as an application proxy for said second node during said secure 
communications session without informing said first node that the third node is 
acting as a proxy in the place of said second node (Figure 2C and column 10 
lines 20 - 33). 

Regarding claim 6 , Srivastava discloses the method of claim 5, further 
comprising: operating the third node to transmit information obtained from said 
communications session while said third node was acting as a proxy for said 
second node to said second node; and operating the second node to continue 
the secure communications session with the first node (column 10 lines 20 - 33). 

Regarding claim 7 , Srivastava discloses the method of claim 1 , further 
comprising: operating the third node to inspect the secure packet flow from the 
first node, said step of inspecting said secure packet flow including performing at 
least one of a group of security steps which use the first shared secret, said 
group of security steps comprising: decrypting a packet, integrity checking 
contents of a packet, and authenticating a sender of a packet (Figure 3 and 
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column 1 1 lines 34 - 60). 

Regarding claim 8 , Srivastava discloses the method of claim 7, further 
comprising: operating the third node to drop the packet from the packet flow if the 
performed at least one of the group of security checks fails (column 4 lines 4 - 
17). 

Regarding claim 9 , Srivastava discloses the method of claim 7, further 
comprising: operating the third node to additionally process the packets from the 
packet flow if no performed security check in said group of security checks fails 
(column 7 lines 49 - 61 and column 8 lines 3 - 16). 

Regarding claim 10 , Srivastava discloses the method of claim 9, further 
comprising: operating the third node to identify a packet with a disallowed packet 
payload by comparing at least a portion of the payload of each packet in the 
packet flow to information indicating allowed packet payloads, payloads of a type 
which are not indicated by said information being disallowed packet payloads 
(column 8 lines 1 7 - 60). 

Regarding claim 11 , Srivastava discloses the method of claim 10, further 
comprising: operating the third node to drop an identified packet with a 
disallowed packet payload fails (column 4 lines 4-17). 
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Regarding claim 12 , Srivastava discloses the method of claim 10, further 
comprising: operating the third node to modify the packet payload of packets 
identified to include a disallowed packet payload based on stored information 
indicating payload modifications to be made to disallowed packet payloads 
(column 8 lines 17-60). 

Regarding claim 13 , Srivastava discloses the method of claim 12, wherein the 
modified payload generated by modifying a packet payload includes a message 
indicating that an erroneous payload was detected at the third node (figure 4C 
and column 13 lines 63 - 67 and column 14 lines 1 - 17). 

Regarding claim 14 , Srivastava discloses the method of claim 10, further 
comprising: operating the third node to process at least two packets in the packet 
flow to produce at least a third packet (column 4 lines 4-17). 

Regarding claim 15 , Srivastava discloses the method of claim 9, further 
comprising; operating the third node to generate an additional packet flow from 
the received packet flow directed to ihe second node and to forward the 
additional packet flow to the second node, packets in said additional packet flow 
having a source address corresponding to the first node and a destination 
address corresponding to the second node, said step of generating an additional 
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packet flow including at least one of a group of security steps which use the first 
shared secret, the group of security steps consisting of: encrypting a packet, 
adding an integrity check for the contents of the packet, and adding an 
authenticator check for the packet sender (column 7 lines 49 - 61 and column 8 
lines 3 -16). 

Regarding claim 16 , Srivastava discloses the method of claim 1 , wherein the 
second and third nodes each include a second secret used to secure 
communications between the third node and the second node, the method 
further comprising: operating the third node to generate an additional packet flow 
from the received packet flow directed to the second node and to forward the 
additional packet flow to the second node, packets in said additional packet flow 
having a source address corresponding to the third node and a destination 
address corresponding to the second node, said step of generating an additional 
packet flow including at least one of a group of security steps which use the 
second shared secret, the group of security steps consisting of: encrypting a 
packet, adding an integrity check for the contents of the packet, and adding an 
authenticator check for the packet sender (column 7 lines 49 -61 and column 8 
lines 3- 16). 



Regarding claim 17 , Srivastava discloses the method of claim 16, further 
comprising: operating the second node to communicate the first shared secret to 
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the third node, the first shared secret being encrypted using the second shared 
secret (Figure 3 and column 1 1 lines 34 - 60). 

Regarding claim 18 , Srivastava discloses the method of claim 17, further 
comprising: mutually authenticating the second and third nodes prior to the 
second node transmitting the first shared secret to the third node (column 8 lines 
17-34). 

Regarding claim 19 , Srivastava discloses a communications system, comprising: 
a first node including a first shared secret and a communications application for 
establishing a secure communications session using said first shared secret to 
secure packets communicated as part of said secure communications session; a 
mobile node including said first shared secret, a second shared secret, and at 
least one communications application for maintaining a secure communications 
session with said first node using said first shared secret; an intermediate node, 
coupled to said first node and said mobile node, said intermediate node including 
said first shared secret and said second shared secret, said intermediate node 
including: means for processing packets directed by said first node towards said 
mobile node as part of a secure communications session using said first shared 
secret; and means for sending a message to said first node secured by said first 
shared secret indicating successful receipt of said packets by said mobile node 
(figure 1 , column 2 lines 27 - 41 and column 9 lines 38 - 49). 
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Regarding claim 20 , Srivastava discloses the communication system of claim 19, 
wherein said intermediate node further includes: means for communicating 
information generated by processing packets directed to said mobile node to said 
mobile node in packets secured using said second shared secret, said 
Information being the result of application processing performed on the payload 
of at least two Jata packets to generate information not present in either of the 
two data packets (column 12 lines 24 - 55). 

Regarding claim 21 , Srivastava discloses the communication system of claim 20, 
wherein the mobile node includes means for ending said first shared secret to 
said intermediate node in an encrypted format resulting in encryption processing 
using said second shared secret (column 10 lines 7-19). 

Regarding claim 22 , Srivastava discloses a communications system for use with 
a second node, said communications system comprising: a first node including: 
memory means for storing a first secret, said first secret being shared between 
the first node and the second node to secure communications between said first 
and second nodes; and means for establishing a secure communications session 
with said second node using the first shared secret to secure the contents of 
packets communicated from the first node that are directed to the second node 
as part of a secure communications session; a third node, coupled to said first 
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and second nodes, the third node including: memory means for storing a copy of 
said first shared secret; and means for receiving a secure flow of packets from 
the first node that are directed to said second node as part of the secure 
communications session (figure 1, column 2 lines 27-41 and column 9 lines 38 
-49). 

Regarding claim 23 , Srivastava discloses the communication system of claim 22, 
wherein said third node further includes: means for receiving from said second 
node the first shared secret; and means for storing the first shared secret in 
memory, said received first shared secret being encrypted using a second 
shared secret known to the second and third nodes (column 12 lines 24 - 55). 

Regarding claim 24 , Srivastava discloses the communications system of claim 
22, wherein said first node is a mobile node (column 10 lines 7-19). 

Regarding claim 25 , Srivastava discloses a method of operating a third node in a 
system comprising a first node, a second node and said third node, a first secret 
being shared between the first and second nodes to secure communications 
between said first and second nodes, the method comprising: receiving from said 
second node the first shared secret; storing said first shared secret in memory; 
and receiving a secure flow of packets from the first node that are directed to 
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said second node as part of the secure communications session (figure 1, 
column 2 lines 27 - 41 and column 9 lines 38 - 49). 

Regarding claim 26 , Srivastava discloses the method of claim 25, wherein said 
received first shared secret is receivedjn an encrypted form, said first shared 
secret having been encrypted using a second shared secret known to the second 
and third nodes (column 12 lines 24 - 55). 

Regarding claim 27 , Srivastava discloses the method of claim 25, further 
comprising: processing packets received from said first node which are part of 
said established communications session; and sending a message to the first 
node indicating successful receipt of packets by said second node (column 10 
lines 7- 19). 

Regarding claim 28 , Srivastava discloses the method of claim 27; wherein said 
third node uses said first shared secret to secure the message to the first node 
(column 9 lines 38 -49). 

Regarding claim 29 , Srivastava discloses the method of claim 28, wherein said 
third node operates as an application proxy for said second node during a portion 
of said secure communications session without informing said first node that the 
third node is acting as a proxy in the place of said second node (Figure 2C and 
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column 10 lines 20 - 33). 

Regarding claim 30 , Srivastava discloses the method of claim 29, further 
comprising: transmitting information obtained from said communications session 
while said third node was acting as a proxy for said second node to said second 
node (Figure 3 and column 1 1 lines 34 - 60). 

Regarding claim 31 . Srivastava discloses the method of claim 25, further 
comprising: using said first shared secret to decrypt a packet included in said 
secure flow of packets (Figure 3 and column 1 1 lines 34 - 60). 

Regarding claim 32 , Srivastava discloses the method of claim 31 , further 
comprising: processing said decrypted packet; and communicating the result of 
processing said decrypted packet to said second node in an encrypted packet 
(column 4 lines 4- 17). 

Regarding claim 33 , Srivastava discloses the method of claim 25, further 
comprising: processing at least two packets in the secure flow of packets to 
produce at least a third packet; and communicating the third packet to the 
second node (column 7 lines 49 - 61 and column 8 lines 3-16). 
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Regarding claim 34 , Srivastava discloses a third node in a system comprising a 
first node, a second node and said third node, a first secret being shared 
between the first and second nodes to secure communications between said first 
and second nodes, the method comprising: a receiver for receiving from said 
second node the first shared secret; memory in which said first shared secret is 
stored; and an agent module for receiving a secure flow of packets from the first 
node that are directed to said second node as part of the secure communications 
session (column 8 lines 17 - 60). 

Regarding claim 35 , Srivastava discloses the third. node of claim 34, wherein said 
received first shared secret is received in an encrypted form, said first shared 
secret having been encrypted using a second shared secret known to the second 
and third nodes (column 8 lines 17- 60). 

Regarding claim 36 , Srivastava discloses the third node of claim 34, wherein said 
agent module includes: a proxy module for processing packets received from 
said first node which are part of said established communications session and 
sending a message to the first node indicating successful receipt of packets by 
said second node (figure 4C and column 13 lines 63 - 67 and column 14 lines 1 
-17). 

Regarding claim 37 , Srivastava discloses a third node in a system comprising a 
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first node, a second node and said third node, a first secret being shared 
between the first and second nodes to secure communications between said first 
and second nodes, the method comprising: receiver means for receiving from 
said second node the first shared secret; memory means for storing said first 
shared secret; and agent means for receiving a secure flow of packets from the 
first node that are directed to said second node as part of the secure 
communications session (column 4 lines 4-17). 

Regarding claim 38 , Srivastava discloses the third node of claim 37, wherein said 
received first shared secret is received in an encrypted form, said first shared 
secret having been encrypted using a second shared secret known to the second 
and third nodes (column 7 lines 49 - 61 and column 8 lines 3 - 16). 

Regarding claim 39 , Srivastava discloses the third node of claim 37, wherein said 
agent means includes proxy means for processing packets received from said 
first node which are part of said established communications session and 
sending a message to the first node indicating successful receipt of packets by 
said second node (column .7 lines 49 - 61 and column 8 lines 3 - 16). 

Regarding claim 40 , Srivastava discloses a machine readable medium including 
computer executable instructions for controlling a third node in a system 
comprising a first node, a second node and said third node, a first secret being 
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shared between the first and second nodes to secure communications between 
said first and second nodes, to perform a communications method including the • 
steps of:receiving from said second node the first shared secret; storing said first 
shared secret in memory; and receiving a secure flow of packets from the first 
node that are directed to said second node as part of the secure communications 
session (figure 1 , column 2 lines 27 - 41 and column 9 lines 38 - 49). 

Regarding claim 41 . Srivastava discloses the third node of claim 40, wherein said 
received first shared secret is received in an encrypted form, said first shared 
secret having been encrypted using a second shared secret known to the second 
and third nodes (column 12 lines 24 - 55). 
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